cve/CVE-2018-19361.md at c42a8175e7a919537d1a63deb490ade8c3ea0285

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-06-01 03:00:54 +00:00

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

1.0 KiB

Raw Blame History

CVE-2018-19361

Description

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.

POC

Reference

https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/Anonymous-Phunter/PHunter
https://github.com/CGCL-codes/PHunter
https://github.com/OWASP/www-project-ide-vulscanner
https://github.com/PalindromeLabs/Java-Deserialization-CVEs
https://github.com/aaronm-sysdig/risk-accept
https://github.com/ilmari666/cybsec

1.0 KiB Raw Blame History

CVE-2018-19361

Description

POC

Reference

Github

1.0 KiB

Raw Blame History